签名更新版本 91
针对在 2022-08-23 周发现的漏洞生成新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。
签名版本
签名版本 91 适用于 NetScaler 11.1、NetScaler 12.0、NetScaler 12.1、NetScaler 13.0、NetScaler 13.1 平台。
注意
启用帖子正文和响应正文签名规则可能会影响 NetScaler CPU。
常见漏洞条目 (CVE) 见解
以下是签名规则、CVE ID 及其描述的列表。
| 签名规则 | CVE ID | 说明 |
|---|---|---|
| 998909 | CVE-2022-38129 | WEB-MISC Keysight SMS Prior to 2.4.1 - Path Traversal Vulnerability Allows RCE (CVE-2022-38129) |
| 998910 | CVE-2022-37042,CVE-2022-27925 | WEB-MISC Zimbra Collaboration Suite - MailboxImportServlet Multiple Vulnerabilities (CVE-2022-37042, CVE-2022-27925) |
| 998911 | CVE-2022-36446 | WEB-MISC Webmin Multiple Versions - HTML Injection and Remote Code Execution Vulnerabilities (CVE-2022-36446) |
| 998912 | CVE-2022-35405 | WEB-MISC Zoho ManageEngine Password Manager Pro Prior to 12101 - Java Deserialization Vulnerability (CVE-2022-35405) |
| 998913 | CVE-2022-34872 | WEB-MISC Centreon Prior to 21.10.7 - SQL Injection Vulnerability Via vhidden (CVE-2022-34872) |
| 998914 | CVE-2022-34872 | WEB-MISC Centreon Prior to 21.10.7 - SQL Injection Vulnerability Via rpn_function (CVE-2022-34872) |
| 998915 | CVE-2022-34872 | WEB-MISC Centreon Prior to 21.10.7 - SQL Injection Vulnerability Via unit_name (CVE-2022-34872) |
| 998916 | CVE-2022-34872 | WEB-MISC Centreon Prior to 21.10.7 - SQL Injection Vulnerability Via warn (CVE-2022-34872) |
| 998917 | CVE-2022-34872 | WEB-MISC Centreon Prior to 21.10.7 - SQL Injection Vulnerability Via crit (CVE-2022-34872) |
| 998918 | CVE-2022-34872 | WEB-MISC Centreon Prior to 21.10.7 - SQL Injection Vulnerability Via def_type (CVE-2022-34872) |
| 998919 | CVE-2022-31813 | WEB-MISC Apache HTTP Server Up to 2.4.53 - mod_proxy X-Forwarded-* Headers Removal Vulnerability (CVE-2022-31813) |
| 998920 | CVE-2022-31125 | WEB-MISC Roxy-wi Prior To 6.1.1.0 - Authentication Bypass Vulnerability Via alert_consumer (CVE-2022-31125) |
| 998921 | CVE-2022-31101 | WEB-MISC Prestashop Blockwishlist Prior to 2.1.1 - SQL Injection Vulnerability (CVE-2022-31101) |
| 998922 | CVE-2022-26137 | WEB-MISC Atlassian Products Multiple Versions - Cross-Origin Resource Sharing Bypass Vulnerability (CVE-2022-26137) |
| 998923 | CVE-2022-24299 | WEB-MISC pfSense CE Prior to 2.6.0 - Remote Code Execution Vulnerability Via vpn_openvpn_client.php (CVE-2022-24299) |
| 998924 | CVE-2022-24299 | WEB-MISC pfSense CE Prior to 2.6.0 - Remote Code Execution Vulnerability Via vpn_openvpn_server.php (CVE-2022-24299) |
| 998925 | CVE-2022-0817 | WEB-WORDPRESS BadgeOS Plugin Prior to 3.7.1 - SQL Injection Vulnerability Via get-achievements and user_id (CVE-2022-0817) |
| 998926 | CVE-2021-36749 | WEB-MISC Apache Druid - Arbitrary Local File Disclosure Vulnerability (CVE-2021-36749) |
| 998927 | CVE-2021-26919 | WEB-MISC Apache Druid Prior to 0.20.2 - Untrusted Deserialization Vulnerability via autoDeserialize=true (CVE-2021-26919) |
| 998928 | CVE-2021-26919 | WEB-MISC Apache Druid Prior to 0.20.2 - Untrusted Deserialization Vulnerability via detectCustomCollations=true (CVE-2021-26919) |
本内容的正式版本为英文版。部分 Cloud Software Group 文档内容采用了机器翻译,仅供您参考。Cloud Software Group 无法控制机器翻译的内容,这些内容可能包含错误、不准确或不合适的语言。对于从英文原文翻译成任何其他语言的内容的准确性、可靠性、适用性或正确性,或者您的 Cloud Software Group 产品或服务沿用了任何机器翻译的内容,我们均不作任何明示或暗示的保证,并且适用的最终用户许可协议或服务条款或者与 Cloud Software Group 签订的任何其他协议(产品或服务与已进行机器翻译的任何文档保持一致)下的任何保证均不适用。对于因使用机器翻译的内容而引起的任何损害或问题,Cloud Software Group 不承担任何责任。
签名更新版本 91
已复制!
失败!